If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

- https://blogs.technet.com/b/msrc/arc...edirected=true
3 Jun 2012 - "We recently became aware of a complex piece of targeted malware known as 'Flame' and immediately began examining the issue. As many reports assert, Flame has been used in highly sophisticated and targeted attacks and, as a result, the vast majority of customers are not at risk. Additionally, most antivirus products will detect and remove this malware. That said, our investigation has discovered some techniques used by this malware that could also be leveraged by less sophisticated attackers to launch more widespread attacks..."

- https://blogs.technet.com/b/srd/arch...edirected=true
3 Jun 2012 - "... we released Security Advisory 2718704*, notifying customers that unauthorized digital certificates have been found that chain up to a Microsoft sub-certification authority issued under the Microsoft Root Authority... we encourage all customers to apply the officially tested update to add the proper certificates to the Untrusted Certificate Store... Components of the Flame malware were signed with a certificate that chained up to the Microsoft Enforced Licensing Intermediate PCA certificate authority, and ultimately, to the Microsoft Root Authority. This code-signing certificate came by way of the Terminal Server Licensing Service that we operate to issue certificates to customers for ancillary PKI-based functions in their enterprise. Such a certificate could (without this update being applied) also allow attackers to sign code that validates as having been produced by Microsoft.
Conclusion: We recommend that all customers apply this update."

- http://www.securitytracker.com/id/1027114
Jun 4 2012
... Unauthorized digital certificates derived from these certificate authorities are being actively used in attacks.
Windows Mobile 6.x and Windows Phone 7 and 7.5 are also affected.
Impact: A remote user may be able to spoof code signing signatures.
Solution: The vendor has issued a fix (KB2718704), available via automatic update...

Microsoft Security Advisory (2718704)
- http://atlas.arbor.net/briefs/index#-2141289419
Severity: Extreme Severity
Published: Monday, June 04, 2012 20:39
This security vulnerability is high risk and should be looked at ASAP by security teams.Analysis: Due to the risks involved, multiple sources suggest that this issue be mitigated as soon as possible. The vulnerability has already been used in the Flame malware, which has been around for a few years. How many other potential adversaries have found and are leveraging the same security hole for their purposes is an open question.
Source: http://technet.microsoft.com/en-us/s...visory/2718704

- http://googleonlinesecurity.blogspot...ity-under.html
June 12, 2012 - "... attacks are being distributed both via malicious web pages intended for Internet Explorer users and through Office documents. Users running Windows XP up to and including Windows 7 are known to be vulnerable..."
___

MS Security Advisory updates 2012.06.13...

FYI...

Further insight into Security Advisory 2719615
- https://blogs.technet.com/b/msrc/arc...edirected=true
13 Jun 2012 - "During our regular Update Tuesday bulletin cycle this week, we released Security Advisory 2719615*, which provides guidance concerning a remote code execution issue affecting MSXML Code Services. As part of that Advisory, we've built a Fix it workaround that blocks the potential attack vector in Internet Explorer. Fix its are a labor-saving mechanism that helps protect customers from a specific issue in advance of a comprehensive security update. We encourage customers to read more about SA2716915's one-click, no-reboot-required Fix it in an in-depth post on the SRD blog**."
* http://technet.microsoft.com/en-us/s...visory/2719615

MS12-034 FixIt...

FYI...

MS12-034: Description of the security update for CVE-2012-0181 in Windows XP and Windows Server 2003
- http://support.microsoft.com/kb/2686...xItForMeAlways
Last Review: June 19, 2012 - Revision: 4.0 - "... If you receive the "0x8007F0F4" error when you try to install this security update, check to see if the %windir%\FaultyKeyboard.log file was created on the computer...
Known issues with this security update: In some scenarios, the %windir%\FaultyKeyboard.log file might not have been created on your computer. If the file was not created, follow these steps: To fix this problem automatically, click the Fix it button or link. Then click Run in the File Download dialog box, and follow the steps in the Fix it wizard..."

MS12-037 exploit in-the-wild

FYI...

MS12-037 exploit in-the-wild
- http://nakedsecurity.sophos.com/2012...d-in-the-wild/
June 19, 2012 - "A critical Internet Explorer vulnerability, announced and patched by Microsoft in June's Patch Tuesday, is being exploited in the wild. The vulnerability is CVE-2012-1875*... patched in MS12-037**... Cunningly-crafted JavaScript code - which can be embedded in a web page to foist the exploit on unsuspecting vistors - is circulating freely on the internet. Also, the Metasploit exploitation framework now has a plug-in module which will generate malicious JavaScript for you on-the-fly to help you automate an attack... response is easy: if you haven't patched already, do so right away..."
* http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1875 - 9.3 (HIGH)

IE9 may stop responding ...

FYI...

IE9 may stop responding if DFX Audio Enhancer is installed
- http://support.microsoft.com/kb/2727797/
Last Review: June 22, 2012 - Revision: 2.0 ...
"Consider the following scenario:
You are running Windows Internet Explorer 9.
DFX Audio Enhancer version 10 is installed on the computer.
The following security update is installed on the computer:
2699988 MS12-037: Cumulative Security Update for Internet Explorer: June 12, 2012
In this scenario, Windows Internet Explorer 9 may stop responding, or "hang."
CAUSE: This issue occurs because of an incompatibility with an earlier version of DFX Audio Enhancer...
For more information about how to obtain the latest version of DFX, go to the following third-party webpage:
- http://www.fxsound.com/dfx/index.php ..."

The machine has no brain.
......... Use your own.
Browser check for updateshere.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.